If you are a network security professional or forensics analyst who wants to gain a deeper understanding of performing forensic analysis with Python, then this book is for you. Some Python experience would be helpful.

Master the art of digital forensics and analysis with Python

About This Book

Learn to perform forensic analysis and investigations with the help of Python, and gain an advanced understanding of the various Python libraries and frameworks
Analyze Python scripts to extract metadata and investigate forensic artifacts
The authors, Dr. Michael Spreitzenbarth and Dr. Johann Uhrmann, have used their experience to craft this hands-on guide to using Python for forensic analysis and investigations

What You Will Learn

Explore the forensic analysis of different platforms such as Windows, Android, and vSphere
Semi-automatically reconstruct major parts of the system activity and timeline
Leverage Python ctypes for protocol decoding
Examine artifacts from mobile devices, Skype, and browsers
Discover how to utilize Python to improve the focus of your analysis
Investigate volatile memory with the help of Volatility on the Android and Linux platforms

In Detail

Digital forensic analysis is the process of examining and extracting data digitally and analyzing it. Python has the combination of power, expressiveness, and ease of use that makes it an essential complementary tool to the traditional, off-the-shelf digital forensic tools.

This book will teach you how to perform forensic analysis and investigations by exploring the capabilities of various Python libraries.

The book starts by explaining the building blocks of the Python programming language, especially ctypes in depth, along with how to automate typical tasks in file system analysis, common correlation tasks to discover anomalies, as well as templates for investigations. Next, we'll show you cryptographic algorithms that can be used during forensic investigations to check for known files or to compare suspicious files with online services such as VirusTotal or Mobile-Sandbox.

Moving on, you'll learn how to sniff on the network, generate and analyze network flows, and perform log correlation with the help of Python scripts and tools. You will get to know about the concepts of virtualization and how virtualization influences IT forensics, and you'll discover how to perform forensic analysis of a jailbroken/rooted mobile device that is based on iOS or Android.

Finally, the book teaches you how to analyze volatile memory and search for known malware samples based on YARA rules.

Style and approach

This easy-to-follow guide will demonstrate forensic analysis techniques by showing you how to solve real-world scenarios step by step.